How to prevent Tomcat creating separate sessions for domain.com and www.domain.com?

Our web app is deployed on Tomcat. If users visit http://domain.com and http://www.domain.com, they get two different JSESSIONID cookies, and thus two separate sessions, one for domain.开发者_如何转开发com and one for www.domain.com. This causes all sorts of problems if they start doing something in a session on www.domain.com, and then later they are redirected to domain.com.

Is there any way to force Tomcat to just use one JSESSIONID for both domain.com and www.domain.com?

You could try to use mod_rewrite and redirect all domain.com users to www.domain.com.

If your Tomcat is not behind Apache, you can always write a simple servlet filter to do the same.

Also, have a look here: https://serverfault.com/questions/93995/configuring-apache-tomcat-mod-jk-and-mod-rewrite-to-serve-up-tomcat-from-top-le